阿里云服务器Centos7上使用Nginx部署https协议的网站
1,申请域名证书成功后,下载压缩包,一定要选择Nginx的证书类型,解压后得到一个key文件一个pem文件,将这两个文件上传到服务器的root目录
2,打开nginx配置文件
vim /etc/nginx/conf.d/default.conf
同时添加http和https的协议配置,需要注意的是,http需要阿里云安全协议暴露80端口,https需要阿里云安全协议暴露443端口
server { listen 80; server_name vip.queyou688.com; rewrite ^(.*)$ https://${server_name}$1 permanent; access_log /root/myweb_access.log; error_log /root/myweb_error.log; client_max_body_size 75M; location / { include uwsgi_params; uwsgi_pass 127.0.0.1:8001; uwsgi_param UWSGI_SCRIPT dms.wsgi; uwsgi_param UWSGI_CHDIR /root/dms; } location /static { alias /root/dms/static; } } server { listen 443 ssl; #SSL协议访问端口号为443。此处如未添加ssl,可能会造成Nginx无法启动。 server_name vip.queyou688.com; #将localhost修改为您证书绑定的域名,例如:www.example.com。 ssl_certificate /root/3205915_vip.queyou688.com.pem; ssl_certificate_key /root/3205915_vip.queyou688.com.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #使用此加密套件。 ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #使用该协议进行配置。 ssl_prefer_server_ciphers on; location / { include uwsgi_params; uwsgi_pass 127.0.0.1:8001; uwsgi_param UWSGI_SCRIPT dms.wsgi; uwsgi_param UWSGI_CHDIR /root/dms; } location /static { alias /root/dms/static; } }
3,重启nginx
systemctl restart nginx.service
效果如下: